Chap02 Review

7/25/2019 Chap02 Review

http://slidepdf.com/reader/full/chap02-review 1/3

Guide to Firewalls and Network Security

Chapter 2 Solutions

Review Questions

1. IPSec: A set of standards and tools used to authenticate and/or secure communications.

Application-level firewall: Software that functions as a proxy, running applications to access resources outside the network.

In Order: The firewall processes requests by following rules in top to bottom order.

Deny-All: All packets are denied except for a few that have been specifically identified as permissible.

Best Fit: The firewall determines the order in which rules should be processed.

Oakley: An algorithm used by IPSec to generate a security key needed to encrypt data.

IPv6: The latest version of Internet Protocol, developed by the IETF.

2. Which of the following rules should be conveyed to employees? (Choose all that apply)

Answer: C, D

3. Which of the following describes aspects of a policy as opposed to a standard or a guide? (Check all that apply.)

Answer: B, C

4. What is the name for the part of the security policy that spells out how employees dial in to the office network to access files?

Answer: B

5. Explain what it means to “Start with the policy, not the firewall.”

Answer: Rather than purchasing and installing one or more firewalls and then developing a policy, an organization should first identify what needs to be protected and develop a policy that addresses that protection in a comprehensive way, and then install a firewall as part of policy.

6. Why would you want to change a security policy?

Answers:

7. What amount of time should you expect to spend on the security policy development process?

Answer: The exact time frame depends on the company, but development typically takes one to two weeks. The approval process, however, can take weeks or months depending on the size and complexity of the organization.

8. It's important for security specialists to remember that rank-and-file employees' primary concern is:

Answer: B. Workers may be concerned about maintaining their privacy and that of the company's customers, but their primary concern is to get access to files, forms, and data they need to complete their projects.

9. Why would you specify the use of IPSec in a security policy?

Answer: If you need to transfer sensitive information that requires an extra level of security.

10. Which of the following provides for authentication?

Answer: D. Answer B, tunnel mode, encapsulates and/or encrypts data but does not provide for authentication.

11. Finish this sentence: IPSec can save you the time and expense of installing...

Answer: A.

12. What does an IPSec policy do?

Answer: A.


13. In what environment would you specify an IPSec policy in Group Policy?

Answer: B. A is too vague; you only need IPSec for communications that require a heightened level of security.

14. You are a security consultant assigned to improve the level of network security at a small university in the Midwest with about 2,500 students. Students need access to e-mail and the Web; they need to be able to download common word processing and other programs. The situation is complicated by faculty and commuting students who dial in to the network from home. Many students also want to create their own personal Web sites. How would you ensure that the far-flung and mobile student population knows that they should avoid publishing content online that is considered offensive, and to keep passwords private, and that they understand the university's security policies? (Choose all that apply.)

Answers: Answers A, B, and C are all good ideas. However, answer D is probably the most effective way to ensure that the security policies are read and understood by students.

15. To the scenario described in Question 14, add this information: Your university has a second campus in a town 50 miles away. Most communications between the campuses do not need to be secure. But some, like grade reports and admissions files, do require an extra level of security. How would you set up a policy that provides for extra-secure communications on an as-needed basis? Be as specific as possible.

Answer: In the security policy, specify that IPSec should be enabled on the computers that exchange grades and other sensitive information between the two campuses. Also specify that IPSec Server policy should be used so that hosts will request IPSec, but it is not necessary for communicating with computers that do not use IPSec.

16. When should a security policy be changed?

Answer: It should change when the organization makes substantial changes in its hardware configuration, or when the firewall is reconfigured in response to security breaches.

17. Which of the following is a reason to audit network communications?

Answer:

18. You are hired by a company that employs a number of freelance transcriptionists who work at home. They need to access the network remotely so they can submit timesheets online and send the company transcriptions of medical tests that need to be confidential. What would you include in the Remote Access portion of the security policy for this company?

Answer: “The Remote Access section should spell out what protocols should be used to dial in to the office (e.g., SLIP or PPP). It should also list applications that should not be used to connect to the network, such as Telnet. Users who have cable modem or DSL connections are required to have firewalls installed. Routers that use ISDN to connect to the network should meet Password Authentication Protocol (PAP) or Challenge Handshake Authentication Protocol (CHAP) authentication requirements.”

19. Explain what a Security User Awareness program is and how it can be implemented.

Answer: A Security User Awareness program is a series of initiatives taken to help employees understand and accept their organization's security strategy. It can be implemented by giving employees a formal briefing and handing out a security handbook. Employees can also be informed about what is expected of them as far as acceptable use of networked resources. Some companies print out their Acceptable Use Policies and require employees to read and sign them. Policies should also be published on the Web or in a database file where they can be reviewed any time.

20. Explain what can happen if a security policy is too strict.

Answer: Staff people who are eager to access the information they need will rebel and find ways to get around the firewall and other aspects of the security policy.
